sbin/cddconfig: fix realloc
AbandonedPublic
Actions

Authored by lbartoletti on Apr 7 2022, 12:42 PM.

Details

Reviewers

imp

Group Reviewers

Src Committers

Summary

Context: I'm working on CBSD [1] and trying to learn how the shell works, so I'm starting to read the source from CBSD and FreeBSD. I'm moving into Terra incognita, so feel free to let me know if I've missed anything for this patch.

Reading the source of sbin/cddconfig/cddconfig.c I saw an error on realloc's use aka CWE: 401 - Common realloc mistake: 'xx' nulled but not freed upon failure

The fix is simple. It has already been applied on OpenBSD [2] and NetBSD [3]
I kept the name for the variable: nargv.

[1] https://cbsd.io/ - https://github.com/cbsd/cbsd
[2] https://github.com/openbsd/src/blob/9ce3fac739d1116b52eeba34a7f2aa2a96249e70/sbin/ccdconfig/ccdconfig.c#L351
[3] https://github.com/NetBSD/src/blob/trunk/sbin/ccdconfig/ccdconfig.c#L329

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

lbartoletti created this revision.Apr 7 2022, 12:42 PM

Herald added a subscriber: imp. · View Herald TranscriptApr 7 2022, 12:42 PM

lbartoletti requested review of this revision.Apr 7 2022, 12:42 PM

imp requested changes to this revision.Apr 7 2022, 1:30 PM

imp added inline comments.

sbin/ccdconfig/ccdconfig.c
322	You still leak argcv here if argv was non-null and the allocation fails. The OpenBSD code is also wrong. Can't tell about the netbsd code since I don't want to go chase down eralloc.

This revision now requires changes to proceed.Apr 7 2022, 1:30 PM

The leak doesn't really matter since as soon as do_all returns we call exit anyway. FreeBSD's malloc has a 'reallocf' and you could just use it to replace the call to realloc to fix the leak, but it's a leak that doesn't really matter IMO.

lbartoletti abandoned this revision.Thu, Apr 11, 12:19 PM